Re: [DNSOP] New Version Notification for draft-fanf-dnsop-rfc2317bis-01.txt

2015-11-10 Thread Tony Finch
Petr Spacek wrote: Thanks again for your feedback. > > Is the indirection problem specific to classless reverse DNS (which > > is the approach I took) or does it apply to the forward DNS as well? > > Suggestions for wording welcome. > > Personally I would mention that this

Re: [DNSOP] New Version Notification for draft-fanf-dnsop-rfc2317bis-01.txt

2015-11-10 Thread Petr Spacek
On 10.11.2015 15:22, Tony Finch wrote: > I have published a new version of my Classless IN-ADDR.ARPA draft. This > incorporates some miscellaneous suggestions from before the IETF meeting, > and Petr's suggestions from last week. > > All comments and suggestions welcome! > > Petr, I've cut down

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Paul Hoffman
On 10 Nov 2015, at 12:43, Mark Andrews wrote: > Perhaps we should be getting Jari, Suzanne and Andrew to push this > at IGF meetings. Or perhaps we should not. --Paul Hoffman ___ DNSOP mailing list DNSOP@ietf.org

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-edns-chain-query

2015-11-10 Thread Tony Finch
Paul Hoffman wrote: > > With the current DNS protocol, a stub resolver can get all the records it > > needs to validate a response in 1RTT, by sending multiple concurrent > > queries for all the possible delegation points in the QNAME. > > I'm confused. How does the stub

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-edns-chain-query

2015-11-10 Thread Tony Finch
Ólafur Guðmundsson wrote: > On Mon, Nov 9, 2015 at 12:52 PM, Evan Hunt wrote: > > On Mon, Nov 09, 2015 at 04:55:24PM +, Tony Finch wrote: > > > > > > With the current DNS protocol, a stub resolver can get all the records it > > > needs to validate a

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Mark Andrews
Perhaps we should be getting Jari, Suzanne and Andrew to push this at IGF meetings. In message <20151110152511.6f1a1...@pallas.home.time-travellers.org>, Shane Ker r writes: > Mark, > > On Fri, 06 Nov 2015 10:54:02 +1100 > Mark Andrews wrote: > > > I keep getting told the

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Jim Reid
> On 10 Nov 2015, at 21:11, Paul Hoffman wrote: > > On 10 Nov 2015, at 12:43, Mark Andrews wrote: > >> Perhaps we should be getting Jari, Suzanne and Andrew to push this >> at IGF meetings. > > Or perhaps we should not. +1

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-edns-chain-query

2015-11-10 Thread Tim Wicinski
Do we know of any implementations that have tried this? >From my high tech gadget > On Nov 10, 2015, at 13:29, Tony Finch wrote: > > Paul Hoffman wrote: > >>> With the current DNS protocol, a stub resolver can get all the records it >>> needs to

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Daniel Stirnimann
>> Yes. Daily checks of all delegated server. I don't believe they are >> currently reporting the discovered faults. >> >> http://bamus.switch.ch/edns/summary.html > Cool, but unless they inform someone it won't help improve anything. > Others do and it's good to see some people on the

Re: [DNSOP] [internet-dra...@ietf.org: I-D Action: draft-bortzmeyer-dnsop-nxdomain-cut-00.txt]

2015-11-10 Thread Wessels, Duane
Hi Stephane, I read over this and have a few thoughts to share: This updates RFC 2308 (Negative Caching of DNS Queries). This would seem to be the key text from 2308 to update: A negative answer that resulted from a name error (NXDOMAIN) should be cached such that it can be retrieved

Re: [DNSOP] [internet-dra...@ietf.org: I-D Action: draft-bortzmeyer-dnsop-nxdomain-cut-00.txt]

2015-11-10 Thread Mark Andrews
In message <2015020725.34ce83c82...@rock.dv.isc.org>, Mark Andrews writes: > In message , "Wessels, Dua > ne > " writes: > > > I think the WG needs to discuss and agree whether or not to make the > > NXDOMAIN cut based on QNAME only, or on

Re: [DNSOP] [internet-dra...@ietf.org: I-D Action: draft-bortzmeyer-dnsop-nxdomain-cut-00.txt]

2015-11-10 Thread Mark Andrews
In message , "Wessels, Duane " writes: > Hi Stephane, > > I read over this and have a few thoughts to share: > > This updates RFC 2308 (Negative Caching of DNS Queries). This would seem to > be the > key text from 2308 to update: > >A

Re: [DNSOP] [ccnso-techwg] Re: Asking TLD's to perform checks.

2015-11-10 Thread Patrik Fältström
> On 11 nov. 2015, at 08:11, Dr Eberhard W Lisse wrote: > > So whatever comes out of that could, eventually, also go in. I completely agree. My only point is that I urge IETF to write text som that any(!) reader can understand there will always be cases where "errors" for

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Patrik Fältström
On 10 Nov 2015, at 22:24, Jim Reid wrote: >> Or perhaps we should not. > > +1 This discussion on making tests is coming back now and then. In RIPE, in IETF, in discussions around TLDs (specifically ccTLDs). I have run one such initiative myself. Everything has so far collapsed into collision

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Mark Andrews
In message <5373ddab-1ed2-489b-ab62-ba7cf6d3d...@frobbit.se>, "Patrik =?utf-8?b ?RsOkbHRzdHLDtm0=?=" writes: > On 10 Nov 2015, at 22:24, Jim Reid wrote: > > >> Or perhaps we should not. > > > > +1 > > This discussion on making tests is coming back now and then. In RIPE, in > IETF, in discussions

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Viktor Dukhovni
On Wed, Nov 11, 2015 at 07:25:39AM +0100, Patrik Fältström wrote: > Everything has so far collapsed into collision between tech people not > agreeing on what is right and wrong. It also collapses into clashes between > registry policy and the tests made. I.e. just the registration policy is >

[DNSOP] New Version Notification for draft-fanf-dnsop-rfc2317bis-01.txt

2015-11-10 Thread Tony Finch
I have published a new version of my Classless IN-ADDR.ARPA draft. This incorporates some miscellaneous suggestions from before the IETF meeting, and Petr's suggestions from last week. All comments and suggestions welcome! Petr, I've cut down your security considerations fairly viciously; please

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Shane Kerr
Mark, On Fri, 06 Nov 2015 10:54:02 +1100 Mark Andrews wrote: > I keep getting told the IETF can't tell people what to do > but that is *exactly* what we do do when we issue a BCP. > We tell people what best current practice is and ask them > to follow it.

Re: [DNSOP] Asking TLD's to perform checks.

2015-11-10 Thread Viktor Dukhovni
On Wed, Nov 11, 2015 at 07:43:30AM +1100, Mark Andrews wrote: > Perhaps we should be getting Jari, Suzanne and Andrew to push this > at IGF meetings. Not knowing what IGF meetings are, I can't comment on this specific point. > So we don't say what's right because you fear that not everybody >

Re: [DNSOP] Working Group Last Call for draft-ietf-dnsop-edns-chain-query

2015-11-10 Thread Viktor Dukhovni
On Tue, Nov 10, 2015 at 09:29:30PM +, Tony Finch wrote: > Paul Hoffman wrote: > > > > With the current DNS protocol, a stub resolver can get all the records it > > > needs to validate a response in 1RTT, by sending multiple concurrent > > > queries for all the